def test_should_response_200_json(self, session):
self._create_dagrun(session)
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": False})
headers = {'Accept': 'application/json'}
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers=headers
)
expected_filename = "{}/{}/{}/{}/1.log".format(
self.log_dir,
self.DAG_ID,
self.TASK_ID,
self.default_time.replace(":", ".")
)
self.assertEqual(
response.json['content'],
f"*** Reading local file: {expected_filename}\nLog for testing."
)
info = serializer.loads(response.json['continuation_token'])
self.assertEqual(
info,
{'end_of_log': True}
)
self.assertEqual(200, response.status_code)
def test_get_logs_of_removed_task(self, session):
self._create_dagrun(session)
# Recreate DAG without tasks
dagbag = self.app.dag_bag # pylint: disable=no-member
dag = DAG(self.DAG_ID, start_date=timezone.parse(self.default_time))
dagbag.bag_dag(dag=dag, root_dag=dag)
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": True})
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers={'Accept': 'text/plain'},
environ_overrides={'REMOTE_USER': "******"},
)
expected_filename = "{}/{}/{}/{}/1.log".format(
self.log_dir, self.DAG_ID, self.TASK_ID, self.default_time.replace(':', '.')
)
assert 200 == response.status_code
assert (
response.data.decode('utf-8')
== f"\n*** Reading local file: {expected_filename}\nLog for testing.\n"
)
def __init__(
self,
app: ASGIApp,
secret: str,
sensitive_cookies: Optional[Set[str]] = None,
cookie_name: str = "csrftoken",
cookie_path: str = "/",
cookie_domain: Optional[str] = None,
cookie_secure: bool = False,
cookie_httponly: bool = False,
cookie_samesite: str = "lax",
header_name: str = "x-csrftoken",
safe_methods: Set[str] = {"GET", "HEAD", "OPTIONS", "TRACE"},
exempt_urls: Optional[List[Pattern]] = None,
) -> None:
super().__init__(app)
self.serializer = URLSafeSerializer(secret, "csrftoken")
self.secret = secret
self.sensitive_cookies = sensitive_cookies
self.cookie_name = cookie_name
self.cookie_path = cookie_path
self.cookie_domain = cookie_domain
self.cookie_secure = cookie_secure
self.cookie_httponly = cookie_httponly
self.cookie_samesite = cookie_samesite
self.header_name = header_name
self.safe_methods = safe_methods
self.exempt_urls = exempt_urls
def decrypt_cookie(encrypted_content):
s = URLSafeSerializer(current_app.config["SECRET_KEY"], salt="cookie")
try:
content = s.loads(encrypted_content)
except:
content = "-1"
return content
def get_log(session, dag_id, dag_run_id, task_id, task_try_number, full_content=False, token=None):
"""Get logs for specific task instance"""
key = current_app.config["SECRET_KEY"]
if not token:
metadata = {}
else:
try:
metadata = URLSafeSerializer(key).loads(token)
except BadSignature:
raise BadRequest("Bad Signature. Please use only the tokens provided by the API.")
if metadata.get('download_logs') and metadata['download_logs']:
full_content = True
if full_content:
metadata['download_logs'] = True
else:
metadata['download_logs'] = False
task_log_reader = TaskLogReader()
if not task_log_reader.supports_read:
raise BadRequest("Task log handler does not support read logs.")
ti = (
session.query(TaskInstance)
.filter(TaskInstance.task_id == task_id, TaskInstance.run_id == dag_run_id)
.join(TaskInstance.dag_run)
.options(eagerload(TaskInstance.dag_run))
.one_or_none()
)
if ti is None:
metadata['end_of_log'] = True
raise NotFound(title="TaskInstance not found")
dag = current_app.dag_bag.get_dag(dag_id)
if dag:
try:
ti.task = dag.get_task(ti.task_id)
except TaskNotFound:
pass
return_type = request.accept_mimetypes.best_match(['text/plain', 'application/json'])
# return_type would be either the above two or None
if return_type == 'application/json' or return_type is None: # default
logs, metadata = task_log_reader.read_log_chunks(ti, task_try_number, metadata)
logs = logs[0] if task_try_number is not None else logs
token = URLSafeSerializer(key).dumps(metadata)
return logs_schema.dump(LogResponseObject(continuation_token=token, content=logs))
# text/plain. Stream
logs = task_log_reader.read_log_stream(ti, task_try_number, metadata)
return Response(logs, headers={"Content-Type": return_type})
def post(self):
#Get user id from email,send email with encoded userId link. On link click call another method that decodes and allows pw [email protected]
email = request.form['email']
user = Accounts.query.filter_by(email=email).first()
userID = user.id_user
s = URLSafeSerializer("RYJ5k67yr57K%$YHErenT46wjrrtdrmnwtrdnt")
encodedUser = s.dumps(user.id_user)
msg = Message('Confirm Email', recipients=[user.email])
emailBody = "Plase click the link to confirm your email http://167.172.59.89:5000/reset/" + encodedUser
msg.body = emailBody
mail.send(msg)
def test_get_logs_response_with_ti_equal_to_none(self, session):
self._create_dagrun(session)
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": True})
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/Invalid-Task-ID/logs/1?token={token}", )
self.assertEqual(response.status_code, 400)
self.assertEqual(response.json['detail'],
"Task instance did not exist in the DB")
def test_should_raises_401_unauthenticated(self):
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": False})
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers={'Accept': 'application/json'},
)
assert_401(response)
def test_should_raise_403_forbidden(self):
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": True})
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers={'Accept': 'text/plain'},
environ_overrides={'REMOTE_USER': "******"},
)
assert response.status_code == 403
def serialize_user_flag(account_id, challenge_id, challenge_data=None, *, secret=None):
if secret is None:
secret = current_app.config["SECRET_KEY"]
serializer = URLSafeSerializer(secret)
data = [account_id, challenge_id]
if challenge_data is not None:
data.append(challenge_data)
user_flag = serializer.dumps(data)[::-1]
return user_flag
def retrieve_cookie(
cookie_name: str, request: flask.Request = flask.request
) -> Union[str, None]:
"""
Returns the decoded version of a signed cookie. If the cookie was
tampered with, then it will return `None`.
"""
serializer = URLSafeSerializer(flask.current_app.config["SECRET_KEY"])
try:
return serializer.loads(request.cookies[cookie_name])
except (BadSignature, BadData, KeyError):
# Somebody tampered with the data and its better to return None.
return None
def unserialize_user_flag(user_flag, *, secret=None):
if secret is None:
secret = current_app.config["SECRET_KEY"]
user_flag = re.sub(".+?{(.+)}", r"\1", user_flag)[::-1]
serializer = URLSafeSerializer(secret)
data = serializer.loads(user_flag)
data.append(None)
account_id, challenge_id, challenge_data, *_ = data
return account_id, challenge_id, challenge_data
class Guard:
def __init__(self):
self.serializer = URLSafeSerializer("secret-key", salt="upgrade")
def hash_password(self, password):
return hashlib.sha256(password.encode()).hexdigest()
def dumps_user(self, username):
return self.serializer.dumps(username)
def loads_token(self, token):
if token[0:14] != "6NEVebMx6_bULg":
return False, ""
return self.serializer.loads_unsafe(token[14:])
def test_get_logs_for_handler_without_read_method(self, mock_log_reader):
type(mock_log_reader.return_value).supports_read = PropertyMock(
return_value=False)
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": False})
headers = {'Content-Type': 'application/jso'} # check guessing
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers=headers)
self.assertEqual(400, response.status_code)
self.assertIn('Task log handler does not support read logs.',
response.data.decode('utf-8'))
def with_cookie(
cookie_name: str, cookie_data: Any, response, *args, **kwargs
) -> flask.Response:
"""
Takes in a response and attaches a signed cookie with the name
`cookie_name` and data `cookie_data`. This helps verify the
integrity of the cookie. All cookies are httpOnly and rest of
the arguments are passed as is to the `flask.Response.set_cookie`
method.
"""
serializer = URLSafeSerializer(flask.current_app.config["SECRET_KEY"])
data = serializer.dumps(cookie_data)
res = flask.make_response(response)
res.set_cookie(cookie_name, data, httponly=True, *args, **kwargs)
return res
class Config(object):
"""Base configuration"""
SECRET_KEY = os.getenv('SECRET_KEY')
SERIALIZER = URLSafeSerializer(SECRET_KEY)
SESSION_COOKIE_SECURE = True
# Testing
TESTING = int(os.getenv('TESTING'))
TESTING_UNI = os.getenv('TESTING_UNI')
# CAS
CAS_LOGIN_ROUTE = os.getenv('CAS_LOGIN_ROUTE')
CAS_LOGOUT_ROUTE = os.getenv('CAS_LOGOUT_ROUTE')
CAS_VALIDATE_ROUTE = os.getenv('CAS_VALIDATE_ROUTE')
CAS_AFTER_LOGIN = os.getenv('CAS_AFTER_LOGIN')
# Dynamo [required by flask_dynamo]
DYNAMO_SESSION = boto3.Session(
region_name='us-east-2',
aws_access_key_id=os.getenv('AWS_ACCESS_KEY'),
aws_secret_access_key=os.getenv('AWS_SECRET'))
# S3
S3_RESOURCE = boto3.resource('s3',
aws_access_key_id=os.getenv('AWS_ACCESS_KEY'),
aws_secret_access_key=os.getenv('AWS_SECRET'))
FIF_FILES_BUCKET = os.getenv('FIF_BUCKET_NAME')
TEMPLATES_BUCKET = os.getenv('TEMPLATES_BUCKET_NAME')
def test_should_response_200_text_plain(self, session):
self._create_dagrun(session)
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": True})
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers={'Accept': 'text/plain'})
expected_filename = "{}/{}/{}/{}/1.log".format(
self.log_dir, self.DAG_ID, self.TASK_ID,
self.default_time.replace(':', '.'))
self.assertEqual(200, response.status_code)
self.assertEqual(
response.data.decode('utf-8'),
f"*** Reading local file: {expected_filename}\nLog for testing.\n")
def test_should_respond_200_json(self, session):
self._create_dagrun(session)
key = self.app.config["SECRET_KEY"]
serializer = URLSafeSerializer(key)
token = serializer.dumps({"download_logs": False})
response = self.client.get(
f"api/v1/dags/{self.DAG_ID}/dagRuns/TEST_DAG_RUN_ID/"
f"taskInstances/{self.TASK_ID}/logs/1?token={token}",
headers={'Accept': 'application/json'},
environ_overrides={'REMOTE_USER': "******"},
)
expected_filename = "{}/{}/{}/{}/1.log".format(
self.log_dir, self.DAG_ID, self.TASK_ID, self.default_time.replace(":", ".")
)
assert (
response.json['content']
== f"[('', '*** Reading local file: {expected_filename}\\nLog for testing.')]"
)
info = serializer.loads(response.json['continuation_token'])
assert info == {'end_of_log': True}
assert 200 == response.status_code
def hash(self, key:str, salt:str=None, parallel:bool=False, parallel_statusbar:bool=False, inplace=False): """ To hash an entire DataFrame Parameters ---------- key: str salt: str, optional parallel: bool, optional parallel_statusbar: bool, optional Returns ------- pd.core.frame.DataFrame """ df_input = self._obj.copy() if inplace: df = df_input else: df = df_input.copy() from itsdangerous.url_safe import URLSafeSerializer serializer = URLSafeSerializer(key, salt=salt) if parallel: from pandarallel import pandarallel pandarallel.initialize(progress_bar=parallel_statusbar) df = df.parallel_applymap(lambda x: serializer.dumps(x)) else: df = df.applymap(serializer.dumps) df.columns = [serializer.dumps(c) for c in df.columns.tolist()] if inplace: df_input = df.copy() else: return df
from itsdangerous.serializer import Serializer
s = Serializer("secret-key")
serializer_value = s.dumps([1, 2, 3, 4])
print(serializer_value)
print(s.loads(serializer_value))
from itsdangerous.url_safe import URLSafeSerializer
s1 = URLSafeSerializer("secret-key", salt="activate")
s1.dumps(1)
s2 = URLSafeSerializer("secret-key", salt="upgrade")
s2.dumps(1)
print(s1.dumps(1))
print(s2.dumps(1))
print(s1.loads(s1.dumps(1)))
print(s2.loads(s2.dumps(1)))
s = URLSafeSerializer("secret-key")
s.dumps([1, 2, 3, 4])
print(s.dumps([1, 2, 3, 4]))
print(s.loads(s.dumps([1, 2, 3, 4])))
from bson.objectid import ObjectId
from aioauth_client import DiscordClient
from models import LogEntry, Guild, DiscordUser, User
# from discord import Discord
CONNECTION_URI = os.environ.get("CONNECTION_URI")
DISCORD_TOKEN = os.environ.get("DISCORD_TOKEN")
DISCORD_CLIENT_ID = os.environ.get("DISCORD_CLIENT_ID")
DISCORD_CLIENT_SECRET = os.environ.get("DISCORD_CLIENT_SECRET")
LOG_URL = os.environ.get("LOG_URL")
SECRET_KEY = os.environ.get('SECRET_KEY', 'this_should_be_configured')
SERIALIZER = URLSafeSerializer(SECRET_KEY)
app = FastAPI()
app.mount("/static", StaticFiles(directory="static"), name="static")
templates = Jinja2Templates(directory="templates")
app.add_middleware(SessionMiddleware, secret_key=SECRET_KEY)
mongo = AsyncIOMotorClient(CONNECTION_URI)
db = mongo.modmail_bot
logs: Collection = db.logs
users: Collection = db.users
# discord = Discord(DISCORD_TOKEN)
def get_log(
*,
dag_id: str,
dag_run_id: str,
task_id: str,
task_try_number: int,
full_content: bool = False,
map_index: int = -1,
token: Optional[str] = None,
session: Session = NEW_SESSION,
) -> APIResponse:
"""Get logs for specific task instance"""
key = get_airflow_app().config["SECRET_KEY"]
if not token:
metadata = {}
else:
try:
metadata = URLSafeSerializer(key).loads(token)
except BadSignature:
raise BadRequest(
"Bad Signature. Please use only the tokens provided by the API."
)
if metadata.get('download_logs') and metadata['download_logs']:
full_content = True
if full_content:
metadata['download_logs'] = True
else:
metadata['download_logs'] = False
task_log_reader = TaskLogReader()
if not task_log_reader.supports_read:
raise BadRequest("Task log handler does not support read logs.")
ti = (session.query(TaskInstance).filter(
TaskInstance.task_id == task_id,
TaskInstance.dag_id == dag_id,
TaskInstance.run_id == dag_run_id,
TaskInstance.map_index == map_index,
).join(TaskInstance.dag_run).one_or_none())
if ti is None:
metadata['end_of_log'] = True
raise NotFound(title="TaskInstance not found")
dag = get_airflow_app().dag_bag.get_dag(dag_id)
if dag:
try:
ti.task = dag.get_task(ti.task_id)
except TaskNotFound:
pass
return_type = request.accept_mimetypes.best_match(
['text/plain', 'application/json'])
# return_type would be either the above two or None
logs: Any
if return_type == 'application/json' or return_type is None: # default
logs, metadata = task_log_reader.read_log_chunks(
ti, task_try_number, metadata)
logs = logs[0] if task_try_number is not None else logs
# we must have token here, so we can safely ignore it
token = URLSafeSerializer(key).dumps(
metadata) # type: ignore[assignment]
return logs_schema.dump(
LogResponseObject(continuation_token=token, content=logs))
# text/plain. Stream
logs = task_log_reader.read_log_stream(ti, task_try_number, metadata)
return Response(logs, headers={"Content-Type": return_type})
import httpx
from fastapi.requests import Request
from sqlalchemy.orm.session import Session
from digirent.database.enums import UserRole
from digirent.app.social import oauth
from digirent.app import Application
from digirent.database.models import User
from digirent.core import config
from itsdangerous.url_safe import URLSafeSerializer
serializer = URLSafeSerializer(secret_key=config.SECRET_KEY, salt=config.SALT)
def generate_state(access_token: str, who: str, social: str) -> str:
assert who in ["tenant", "landlord"]
assert social in ["google", "facebook"]
return serializer.dumps({
"access_token": access_token,
"who": who,
"social": social
})
def get_payload_from_state(state: str) -> dict:
return serializer.loads(state)
async def get_token_from_google_auth(
request: Request,
session: Session,
app: Application,
def __init__(self):
self.serializer = URLSafeSerializer("secret-key", salt="upgrade")
db.Column(
'id',
db.Integer,
db.ForeignKey('skills.id'),
primary_key=True,
))
app.config['MAIL_SERVER'] = "smtp.gmail.com"
app.config['MAIL_PORT'] = 465
app.config['MAIL_USE_SSL'] = True
app.config['MAIL_DEFAULT_SENDER'] = "*****@*****.**"
app.config['MAIL_USERNAME'] = "******"
app.config['MAIL_PASSWORD'] = "******"
mail = Mail(app)
s = URLSafeSerializer("RYJ5k67yr57K%$YHErenT46wjrrtdrmnwtrdnt")
b = Serializer(app.config['SECRET_KEY'], expires_in=860000)
class Tasks(db.Model):
id = db.Column(db.Integer, primary_key=True)
title = db.Column(db.String(50), nullable=False)
description = db.Column(db.String(512), nullable=False)
category = db.Column(db.String(20), nullable=False)
et = db.Column(db.Integer, nullable=False)
price = db.Column(db.Integer, nullable=False)
location = db.Column(db.String(20), nullable=False)
picture = db.Column(db.String(80), nullable=True)
owner_id = db.Column(db.Integer, db.ForeignKey("accounts.id_user"))
task_completer = db.Column(db.Integer,
db.ForeignKey("accounts.id_user"),
class CSRFMiddleware(BaseHTTPMiddleware):
def __init__(
self,
app: ASGIApp,
secret: str,
sensitive_cookies: Optional[Set[str]] = None,
cookie_name: str = "csrftoken",
cookie_path: str = "/",
cookie_domain: Optional[str] = None,
cookie_secure: bool = False,
cookie_httponly: bool = False,
cookie_samesite: str = "lax",
header_name: str = "x-csrftoken",
safe_methods: Set[str] = {"GET", "HEAD", "OPTIONS", "TRACE"},
exempt_urls: Optional[List[Pattern]] = None,
) -> None:
super().__init__(app)
self.serializer = URLSafeSerializer(secret, "csrftoken")
self.secret = secret
self.sensitive_cookies = sensitive_cookies
self.cookie_name = cookie_name
self.cookie_path = cookie_path
self.cookie_domain = cookie_domain
self.cookie_secure = cookie_secure
self.cookie_httponly = cookie_httponly
self.cookie_samesite = cookie_samesite
self.header_name = header_name
self.safe_methods = safe_methods
self.exempt_urls = exempt_urls
async def dispatch(self, request: Request, call_next: RequestResponseEndpoint):
csrf_cookie = request.cookies.get(self.cookie_name)
if (
request.method not in self.safe_methods
and self._has_sensitive_cookies(request.cookies)
and not self._url_is_exempt(request.url)
):
submitted_csrf_token = await self._get_submitted_csrf_token(request)
if (
not csrf_cookie
or not submitted_csrf_token
or not self._csrf_tokens_match(csrf_cookie, submitted_csrf_token)
):
return self._get_error_response(request)
response = await call_next(request)
if not csrf_cookie:
response.set_cookie(
self.cookie_name,
self._generate_csrf_token(),
path=self.cookie_path,
domain=self.cookie_domain,
secure=self.cookie_secure,
httponly=self.cookie_httponly,
samesite=self.cookie_samesite,
)
return response
def _has_sensitive_cookies(self, cookies: Dict[str, str]) -> bool:
if not self.sensitive_cookies:
return True
for sensitive_cookie in self.sensitive_cookies:
if sensitive_cookie in cookies:
return True
return False
def _url_is_exempt(self, url: URL) -> bool:
if not self.exempt_urls:
return False
for exempt_url in self.exempt_urls:
if exempt_url.match(url.path):
return True
return False
async def _get_submitted_csrf_token(self, request: Request) -> Optional[str]:
return request.headers.get(self.header_name)
def _generate_csrf_token(self) -> str:
return cast(str, self.serializer.dumps(secrets.token_urlsafe(128)))
def _csrf_tokens_match(self, token1: str, token2: str) -> bool:
try:
decoded1: str = self.serializer.loads(token1)
decoded2: str = self.serializer.loads(token2)
return secrets.compare_digest(decoded1, decoded2)
except BadSignature:
return False
def _get_error_response(self, request: Request) -> Response:
return PlainTextResponse(
content="CSRF token verification failed", status_code=403
)
import logging import sys from flask import Flask, request, jsonify, make_response from flask_cors import CORS from flask_sqlalchemy import SQLAlchemy from flask_migrate import Migrate from itsdangerous.url_safe import URLSafeSerializer from config import Config from flask_jwt_extended import JWTManager logging.basicConfig(level=logging.DEBUG) app = Flask(__name__) app.config.from_object(Config) CORS(app) db = SQLAlchemy(app) migrate = Migrate(app, db) signer = URLSafeSerializer(Config.SECRET) jwt = JWTManager(app)
from itsdangerous.exc import BadSignature
# Standard implementation of profiling_reference should be based on a cookie
# with expiry date set on 12 hours ahead from the current time.
# Each time the user enters the site before expiration of the cookie,
# the expiry date should be again renewed for another 12 hours.
# After 12 hours with no user actions, next actions should be
# assigned to a new profiling_reference.
signed_bp = Blueprint('signed', __name__)
PROFILING_REF_COOKIE_NAME = 'jFaI0eZ' # some random cookie name
PROFILING_REF_COOKIE_MAX_AGE = 43200 # 12 hours in seconds
SECRET = 'YmaGqK_If3tfW9jXrPevygHBKwiWGuLPFL0Xzait0Wow' # some secret key used to signing the cookie
serializer = URLSafeSerializer(SECRET)
def prepare_signed_cookie(profling_reference):
"""Prepares signed cookie with expire date inside.
"""
expires = (datetime.utcnow() +
timedelta(seconds=PROFILING_REF_COOKIE_MAX_AGE))
cookie_data = {'value': profling_reference, 'expires': expires.timestamp()}
return serializer.dumps(cookie_data)
def get_valid_profiling_ref_from_signed_cookie(cookie_value):
"""Validates cookie signature and expire date.
If signature is valid and cookie has not expired, returns value.
import datetime
from flask import Flask, render_template, redirect, url_for, request, session, flash, jsonify, make_response
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate
from itsdangerous.url_safe import URLSafeSerializer
###########################
######### SET UP ##########
###########################
app = Flask(__name__)
app.secret_key = os.urandom(24)
# set up for cookie encryption
key = os.urandom(24)
cookie_encryptor = URLSafeSerializer(key)
# set up for SQL databese and database migration
app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv("SQLALCHEMY_DATABASE_URI")
app.config['SQLAHCHEMY_TRACK_MODIFICATION'] = False
app.config['JSON_AS_ASCII'] = False
db = SQLAlchemy(app)
Migrate(app, db)
###########################
### Define Model(table) ###
###########################
class User(db.Model):
def encrypt_cookie(content):
s = URLSafeSerializer(current_app.config["SECRET_KEY"], salt="cookie")
encrypted_content = s.dumps(content)
return encrypted_content
